From: Kurt Buff (kurt.buff@gmail.com)
Date: Mon Jan 28 2008 - 16:06:20 EST
Ah.
I misunderstood your business.
In a situation like this, I don't think you have a choice, though I
don't have enough experience in such a situation to comment
coherently.
I was envisioning the servers being at the client site, and that you
were using virtualization for hosts that were both in the DMZ and the
internal network(s), and that's what I was preaching against.
Kurt
On Jan 28, 2008 1:02 PM, David M. Zendzian <dmz@dmzs.com> wrote:
> Just the fact that we mix customers in a virtual environment creates a
> similar risk. We aren't able to offer a dedicated host for every
> customer who wants a virtual environment, that would defeat the purpose
> of virtualization.
>
> Maybe I missed part of the earlier discussion, and I'm always ready to
> look at other ways of approaching the problem. Other than dedicated
> hosts for each customer, what would you suggest a basic design be to
> provide what you are describing?
>
> David
>
>
> Kurt Buff wrote:
> > Sorry, hit send too quickly. More below:
> >
> > On Jan 28, 2008 12:32 PM, David M. Zendzian <dmz@dmzs.com> wrote:
> > <snip>
> >
> >> The only way to be secure is to unplug, the rest of us have to work for
> >> a living :)
> >>
> >>
> >
> > There are other ways of hosting internet-exposed sites, and I believe
> > you are doing your customers a disservice by mixing domains in this
> > fashion, which (IMHO) exposes them to unnecessary risk.
> >
> > Kurt
> >
> >
>
>
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:58:22 EDT